About Me

Since the 1990s I have been very involved with fighting the military "don't ask don't tell" policy for gays in the military, and with First Amendment issues. Best contact is 571-334-6107 (legitimate calls; messages can be left; if not picked up retry; I don't answer when driving) Three other url's: doaskdotell.com, billboushka.com johnwboushka.com Links to my URLs are provided for legitimate content and user navigation purposes only.
My legal name is "John William Boushka" or "John W. Boushka"; my parents gave me the nickname of "Bill" based on my middle name, and this is how I am generally greeted. This is also the name for my book authorship. On the Web, you can find me as both "Bill Boushka" and "John W. Boushka"; this has been the case since the late 1990s. Sometimes I can be located as "John Boushka" without the "W." That's the identity my parents dealt me in 1943!

Friday, March 11, 2016

Hillary Clinton's use of her own email server parallels some situations in my own career; here is a perspective on what matters

Hillary Clinton’s email server “scandal” still is unsettled legally – I don’t think it will stop her nomination or candidacy, but the possibility is still conceivable.

What I want to focus on here is some observations in my own workplaces in the past that seem relevant to what Hillary claims.

In a number of jobs, I had access to consumer PII, particularly in the area of production support.

Consumer privacy is a bigger issue today than it was in the 1980s and 1990s, partly because all of the security hacks and incidents at major retailers. So the problem of access to consumer PII is comparable to access to classified information, even though it usually doesn’t require a formal clearance.

The first time I supported production from home was in 1990. We were given small dumb terminals we could take home to connect to a mainframe, and they didn’t work too well. Soon I used my own PC (which at the time was an AST Research and later an IBM PS-1) with Procomm-plus. I think I got mine somehow when I bought the computer almost free, but copies were available at work. (The licensing of these copies became controversial for a while in 1992).

That could mean that consumer data would be available in my own computer’s memory or caches.

It was also common practice to do systems testing with copies of production data. Many times listings of tests with production consumer data were retained, even if this meant clutter. I even kept some listings at home as verification at any time that my work was done properly (CYA stuffed under the pillow). But these were destroyed (probably winding up in a landfill) before I moved to Minnesota in 1997.

In fact, in 1987, we did a major parallel of production for a month with full listings of all reports from both systems. Someone in quality control actually took the listings home and checked them on her kitchen table in Dallas. This was acceptable in those days.

It’s also noteworthy that there a customer service jobs from home where people work on their own home computers (companies like Alpine Access, Live Ops, etc). Although these companies would require home computers to be properly equipped with anti-virus software, it’s apparent that this practice could lead to vulnerabilities.

When I worked for Census in 2010 and 2011, we were issued a Census laptop, and could use a Census cellular wireless connection. But it was permissible to use your own cable connection if you wanted.

My point here is that standards for protecting sensitive information used to be quite loose. It has generally been acceptable to use employee-owned devices for workplace support, although in recent years, concerns have grown. I can understand how Hillary and other employees could believe that what she was doing was OK if the information wasn’t classified yet.

In fact, when I worked for USLICO in the early to mid 1990s, there was a possibility that I could see military officer PII. Although the issue never came up, it would sound plausible that this information could subsequently become classified, in a manner analogous to Hillary Clinton’s problem. We were never screened for formal clearances.

There was also a requirement that I made in the period from 1997-2003, when in Minneapolis, that all equipment on my premises belong to me. This was to avoid a possible conflict of interest problem that would not occur today (details ).

It is also noteworthy that companies gradually became more security conscious throughout the mid to late 1980s into the 1990s, in requiring programmers to have special access to update production files.

However, there were holes (such as, for a while, Top Secret could not talk to the Central Version of IDMS, or to MSA, at least in the mid 1990s). By the early 1990s, elevation procedures (of programs from test into production) became more secure, forcing integrity.

No comments:

(used for analytics)

Privacy Policy

Privacy Policy for billsitjobs.blogspot.com

If you require any more information or have any questions about my privacy policy, please feel free to contact me by email at JBoushka@aol.com.

At billsitjobs.blogspot.com , the privacy of my visitors is of extreme importance to me. This privacy policy document outlines the types of personal information is received and collected by billsitjobs.blogspot.com and how it is used.

Log Files Like many other Web sites, billsitjobs.blogspot.com makes use of log files. The information inside the log files includes internet protocol ( IP ) addresses, type of browser, Internet Service Provider ( ISP ), date/time stamp, referring/exit pages, and number of clicks to analyze trends, administer the site, track user’s movement around the site, and gather demographic information. IP addresses, and other such information are not linked to any information that is personally identifiable.

Cookies and Web Beacons billsitjobs.blogspot.com does not use cookies.

DoubleClick DART Cookie

.:: Google, as a third party vendor, uses cookies to serve ads on billsitjobs.blogspot.com .
.:: Google's use of the DART cookie enables it to serve ads to your users based on their visit to billsitjobs.blogspot.com and other sites on the Internet.
.:: Users may opt out of the use of the DART cookie by visiting the Google ad and content network privacy policy at the following link.

Some of my advertising partners may use cookies and web beacons on my site. My advertising partners include ....... Google Adsense

These third-party ad servers or ad networks use technology to the advertisements and links that appear on billsitjobs.blogspot.com send directly to your browsers. They automatically receive your IP address when this occurs. Other technologies ( such as cookies, JavaScript, or Web Beacons ) may also be used by the third-party ad networks to measure the effectiveness of their advertisements and / or to personalize the advertising content that you see.

billsitjobs.blogspot.com has no access to or control over these cookies that are used by third-party advertisers.

You should consult the respective privacy policies of these third-party ad servers for more detailed information on their practices as well as for instructions about how to opt-out of certain practices. billsitjobs.blogspot.com 's privacy policy does not apply to, and we cannot control the activities of, such other advertisers or web sites.

If you wish to disable cookies, you may do so through your individual browser options. More detailed information about cookie management with specific web browsers can be found at the browsers' respective websites.